
EXPLORER CRASHES AND RESTARTS, SHELL32 IS THE CULPRIT


  • This topic is locked
31 replies to this topic

#1 rajuvishnu52


Posted 27 May 2013 - 02:28 AM

Hi all,
I am having a list of problems like Control Panel not opening, and Explorer crashes and restarts every now and then. I have installed DDS and ComboFix... I have given their respective logs below.
 
Please help me to get rid of this thing that makes my PC useless.
Thanks in advance.
----------------------------------DDS----------------------------------
 
dds.txt
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16450
Run by HP at 11:37:14 on 2013-05-27
Microsoft Windows 7 Home Basic   6.1.7601.1.1252.91.1033.18.3998.2252 [GMT 5.5:30]
.
AV: Microsoft Security Essentials *Enabled/Outdated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Outdated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
C:\Program Files\Motorola\Bluetooth\audiosrv.exe
C:\Program Files\Motorola\Bluetooth\obexsrv.exe
C:\ProgramData\DatacardService\DCService.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\rundll32.exe
C:\Users\HP\AppData\Roaming\MegaFon Internet\ouc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\System32\tcpsvcs.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Users\HP\AppData\Local\Google\Update\1.3.21.145\GoogleCrashHandler.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Users\HP\AppData\Local\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\WUDFHost.exe
C:\Program Files\MBlaze UI\bin\App.exe
C:\Windows\system32\wuauclt.exe
C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://indiasearcher.in/r.asp#
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
mURLSearchHooks: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
TB: BitTorrentControl_v12 Toolbar: {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
TB: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
uRun: [HW_OPENEYE_OUC_MegaFon Internet] "C:\Program Files (x86)\MegaFon Internet\UpdateDog\ouc.exe"
uRun: [Google Update] "C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [DriverScanner] "C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe" delay 20000 
uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
uRun: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"  /MINIMIZED
uRun: [1c] C:\Users\HP\AppData\Roaming\0a3\1c.js
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ROC_ROC_NT] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4a684.js
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\4a684.js
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
uPolicies-Explorer: NoControlPanel = 1
uPolicies-Explorer: NoWindowsUpdate = 1
uPolicies-Explorer: NoFileUrl = dword:0
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoUpdateCheck = dword:0
uPolicies-Explorer: DisallowRun = dword:1
uPolicies-Explorer: NoDriveTypeAutoRun = dword:32
uPolicies-System: NoDispSettingsPage = dword:0
uPolicies-System: NoDispAppearancePage = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
TCP: Interfaces\{1831D6A4-19D7-471A-964D-59EAD299B3C6} : NameServer = 10.228.129.113 10.228.129.114
TCP: Interfaces\{62D42567-5E78-4F95-AEBE-278ABC83B8FA} : NameServer = 202.148.200.3 202.148.202.4
TCP: Interfaces\{78475112-ED01-4B9A-B241-61D149F9A4FF} : NameServer = 202.148.200.3 202.148.202.4
TCP: Interfaces\{8B0C36BE-6AE1-4A29-85CF-D6758131B894} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{8B0C36BE-6AE1-4A29-85CF-D6758131B894}\84050A75F627C646 : DHCPNameServer = 192.168.2.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
x64-mStart Page = hxxp://indiasearcher.in/r.asp#
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\itjns02n.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\HP\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\itjns02n.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\plugins\np-mswmp.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
.
---- FIREFOX POLICIES ----
FF - user.js: keyword.URL - hxxp://indiasearcher.in/r.asp#);user_pref(browser.startup.homepage, http://indiasearcher.in/r.asp#
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-1-18 31360]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2011-12-5 16152]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-9-23 283200]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2011-4-18 189440]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-1-18 235520]
R2 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2012-5-3 1193040]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2012-5-3 783704]
R2 DCService.exe;DCService.exe;C:\ProgramData\DatacardService\DCService.exe [2010-5-8 229376]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-10 86072]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-11-23 227896]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-14 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-11-30 34872]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-5-3 13592]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-9 607456]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-5-3 128280]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-5-3 161560]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-5-24 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-5-24 701512]
R2 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-9-22 577752]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-4-15 3289208]
R2 UDisk Monitor;UDisk Monitor;C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe [2013-5-24 403456]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-5-3 363800]
R3 Bluetooth Device Manager;Bluetooth Device Manager;C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2012-5-3 4180824]
R3 BTMCOM;Bluetooth Serial Port;C:\Windows\System32\drivers\btmcom.sys [2012-5-3 52736]
R3 BTMNET;Motorola Bluetooth Network Adapter Service;C:\Windows\System32\drivers\btmnet.sys [2012-5-3 30208]
R3 BTMUSB;Motorola Bluetooth Radio Service;C:\Windows\System32\drivers\btmusb.sys [2012-5-3 663936]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-5-3 1028096]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2012-10-19 83456]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-12-6 331264]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2012-1-6 14652768]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2011-12-5 355096]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-5-27 786200]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-5-24 25928]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2011-4-18 40832]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-5-3 1813056]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 84864]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-5-3 565352]
R3 ztemtusbser;ZTEMT Legacy Serial Communication;C:\Windows\System32\drivers\CT_ZTEMT_U_USBSER.sys [2013-5-24 120704]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 BTMHID;BTMHID;C:\Windows\System32\drivers\btmhid.sys [2012-5-3 34176]
S3 BTMMODEM;Bluetooth Modem Device;C:\Windows\System32\drivers\btmcom.sys [2012-5-3 52736]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-10-19 114560]
S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\System32\drivers\ewusbnet.sys [2012-10-19 252928]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2012-5-3 258664]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2013-05-27 06:00:01 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B79500E3-2655-4ECB-A678-166C74BE954A}\mpengine.dll
2013-05-27 05:36:32 786200 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2013-05-25 11:25:21 -------- d-----w- C:\Users\HP\AppData\Roaming\funkitron
2013-05-25 10:35:39 -------- d-----w- C:\Users\HP\AppData\Roaming\iWing
2013-05-25 10:35:39 -------- d-----w- C:\ProgramData\iWing
2013-05-24 18:56:06 -------- d-----w- C:\Program Files (x86)\WMI Tools
2013-05-24 18:32:48 972264 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF66FB4D-438A-421D-9E53-C9A804BCAEE2}\gapaengine.dll
2013-05-24 18:05:55 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-05-24 18:05:55 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-24 17:36:17 4167680 ----a-w- C:\Program Files (x86)\GUT5976.tmp
2013-05-24 17:36:17 -------- d-----w- C:\Program Files (x86)\GUM5975.tmp
2013-05-24 17:33:08 120704 ----a-w- C:\Windows\System32\drivers\CT_ZTEMT_U_USBSER.sys
2013-05-24 17:33:06 -------- d-----w- C:\Program Files\MBlaze UI
2013-05-24 17:14:29 -------- d-----w- C:\Users\HP\AppData\Roaming\PeerNetworking
2013-05-24 17:04:00 -------- d-----w- C:\Users\HP\AppData\Roaming\IDT
2013-05-24 15:44:20 -------- d-----w- C:\Users\HP\AppData\Roaming\Malwarebytes
2013-05-24 15:43:32 -------- d-----w- C:\ProgramData\Malwarebytes
2013-05-24 15:43:11 -------- d-----w- C:\Users\HP\AppData\Local\Programs
2013-05-24 15:13:11 -------- d-----w- C:\Users\HP\AppData\Roaming\ZTEMTUI
2013-05-15 13:32:21 28492 ----a-w- C:\ProgramData\1368623578.3724.bin
2013-05-15 13:13:22 1293 ----a-w- C:\ProgramData\1368623578.5340.bin
2013-05-15 13:13:21 31101 ----a-w- C:\ProgramData\1368623578.4144.bin
2013-05-15 13:13:16 3258 ----a-w- C:\ProgramData\1368623578.4884.bin
2013-05-15 13:13:10 1304 ----a-w- C:\ProgramData\1368623578.5984.bin
2013-05-15 13:13:02 9073 ----a-w- C:\ProgramData\1368623578.5716.bin
2013-05-15 13:13:02 449449 ----a-w- C:\ProgramData\1368623578.2028.bin
2013-05-15 13:12:58 8197 ----a-w- C:\ProgramData\1368623578.5796.bin
2013-05-15 13:12:58 57521 ----a-w- C:\ProgramData\1368623578.1564.bin
2013-05-15 13:12:58 33093 ----a-w- C:\ProgramData\1368623578.5780.bin
2013-05-15 13:10:53 15678 ----a-w- C:\ProgramData\1368623451.bdinstall.bin
2013-05-15 13:09:09 28140 ----a-w- C:\ProgramData\1368621083.5744.bin
2013-05-15 12:34:01 30093 ----a-w- C:\ProgramData\1368621083.3792.bin
2013-05-15 12:33:49 3258 ----a-w- C:\ProgramData\1368621083.5032.bin
2013-05-15 12:31:48 507 ----a-w- C:\ProgramData\1368621083.6032.bin
2013-05-15 12:31:36 1304 ----a-w- C:\ProgramData\1368621083.5212.bin
2013-05-15 12:31:28 9072 ----a-w- C:\ProgramData\1368621083.304.bin
2013-05-15 12:31:28 479432 ----a-w- C:\ProgramData\1368621083.3908.bin
2013-05-15 12:31:23 6040 ----a-w- C:\ProgramData\1368621083.2688.bin
2013-05-15 12:31:23 32834 ----a-w- C:\ProgramData\1368621083.4080.bin
2013-05-15 12:31:23 150905 ----a-w- C:\ProgramData\1368621083.4400.bin
2013-05-11 17:27:43 28140 ----a-w- C:\ProgramData\1368292100.3300.bin
2013-05-11 17:09:19 30092 ----a-w- C:\ProgramData\1368292100.344.bin
2013-05-11 17:09:14 3258 ----a-w- C:\ProgramData\1368292100.3344.bin
2013-05-11 17:09:13 507 ----a-w- C:\ProgramData\1368292100.5568.bin
2013-05-11 17:09:03 1304 ----a-w- C:\ProgramData\1368292100.6140.bin
2013-05-11 17:09:00 9073 ----a-w- C:\ProgramData\1368292100.4196.bin
2013-05-11 17:09:00 481474 ----a-w- C:\ProgramData\1368292100.4188.bin
2013-05-11 17:08:21 7048 ----a-w- C:\ProgramData\1368292100.2884.bin
2013-05-11 17:08:21 70130 ----a-w- C:\ProgramData\1368292100.1808.bin
2013-05-11 17:08:20 33066 ----a-w- C:\ProgramData\1368292100.3540.bin
2013-05-11 16:38:59 746555 ----a-w- C:\ProgramData\1368285735.bdinstall.bin
2013-05-11 08:42:45 733534 ----a-w- C:\ProgramData\1368254865.bdinstall.bin
2013-05-10 09:23:30 -------- d-----w- C:\Users\HP\AppData\Roaming\WildTangent
2013-05-09 11:27:42 28714 ----a-w- C:\ProgramData\1368095228.5544.bin
2013-05-09 11:05:18 -------- d-----w- C:\Program Files (x86)\Virus Secure Lab
2013-05-09 10:30:06 507 ----a-w- C:\ProgramData\1368095228.3772.bin
2013-05-09 10:30:06 -------- d-----w- C:\Users\HP\AppData\Roaming\QuickScan
2013-05-09 10:28:31 3256 ----a-w- C:\ProgramData\1368095228.4148.bin
2013-05-09 10:28:31 29921 ----a-w- C:\ProgramData\1368095228.3768.bin
2013-05-09 10:27:13 1303 ----a-w- C:\ProgramData\1368095228.1840.bin
2013-05-09 10:27:12 9073 ----a-w- C:\ProgramData\1368095228.1544.bin
2013-05-09 10:27:12 418779 ----a-w- C:\ProgramData\1368095228.3796.bin
2013-05-09 10:27:08 6760 ----a-w- C:\ProgramData\1368095228.4956.bin
2013-05-09 10:27:08 35074 ----a-w- C:\ProgramData\1368095228.2892.bin
2013-05-09 10:27:08 125986 ----a-w- C:\ProgramData\1368095228.4448.bin
2013-05-08 09:08:34 -------- d-----w- C:\Program Files\Common Files\Bitdefender
.
==================== Find3M  ====================
.
2013-05-27 05:36:31 41984 ----a-w- C:\Windows\System32\drivers\USB3Ver.dll
2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-18 15:29:59 4126720 ----a-w- C:\Program Files (x86)\GUT2000.tmp
2013-04-02 14:09:52 4550656 ----a-w- C:\Windows\SysWow64\GPhotos.scr
.
============= FINISH: 11:38:05.85 ===============
 
Attach.txt
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Basic 
Boot Device: \Device\HarddiskVolume1
Install Date: 22-09-2012 18:45:02
System Uptime: 27-05-2013 10:52:46 (1 hours ago)
.
Motherboard: Hewlett-Packard |  | 183E
Processor: Intel® Core™ i5-3210M CPU @ 2.50GHz | U3E1 | 1175/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 223 GiB total, 159.843 GiB free.
D: is FIXED (NTFS) - 21 GiB total, 2.245 GiB free.
E: is CDROM ()
F: is FIXED (NTFS) - 222 GiB total, 127.195 GiB free.
G: is CDROM ()
H: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: 
Description: 
Device ID: PCI\VEN_8086&DEV_1E31&SUBSYS_183E103C&REV_04\3&11583659&0&A0
Manufacturer: 
Name: 
PNP Device ID: PCI\VEN_8086&DEV_1E31&SUBSYS_183E103C&REV_04\3&11583659&0&A0
Service: 
.
Class GUID: 
Description: 
Device ID: IUSB3\ROOT_HUB30\4&B98BC84&0
Manufacturer: 
Name: 
PNP Device ID: IUSB3\ROOT_HUB30\4&B98BC84&0
Service: 
.
==== System Restore Points ===================
.
RP22: 12-03-2013 09:02:58 - Scheduled Checkpoint
RP23: 24-03-2013 23:44:46 - Scheduled Checkpoint
RP24: 30-04-2013 15:39:59 - Scheduled Checkpoint
RP25: 08-05-2013 11:10:20 - Scheduled Checkpoint
RP26: 11-05-2013 21:11:19 - Windows Update
RP27: 15-05-2013 18:24:33 - Windows Update
RP28: 24-05-2013 19:44:37 - HPSF Applying updates
RP29: 24-05-2013 22:52:49 - Restore Operation
RP30: 25-05-2013 00:25:46 - Installed WMI Tools
RP31: 27-05-2013 10:55:21 - HPSF Applying updates
RP32: 27-05-2013 11:02:46 - HPSF Applying updates
RP33: 27-05-2013 11:29:43 - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.0) MUI
Adobe Reader X (10.1.4)
Adobe Shockwave Player 11.6
AMD APP SDK Runtime
AMD Catalyst Install Manager
Bejeweled 3
BitTorrent
BitTorrentControl_v12 Toolbar
Blackhawk Striker 2
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Control Center Profiles Mobile
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Counter-Strike 1.6
Cradle of Rome 2
CyberLink PowerDVD
CyberLink YouCam
D3DX10
DAEMON Tools Pro
Dora's World Adventure
ESU for Microsoft Windows 7 SP1
Evernote v. 4.5.2
Farm Frenzy
Farmscapes
FATE
Final Drive Fury
Google Chrome
Hewlett-Packard ACLM.NET v1.1.2.0
Hoyle Card Games
HP 3D DriveGuard
HP Auto
HP Client Services
HP CoolSense
HP Customer Experience Enhancements
HP Documentation
HP Games
HP Launch Box
HP On Screen Display
HP Power Manager
HP Quick Launch
HP Recovery Manager
HP Security Assistant
HP Setup
HP Setup Manager
HP Software Framework
HP Support Assistant
IDT Audio
Intel® Control Center
Intel® Display Audio Driver
Intel® Management Engine Components
Intel® Rapid Storage Technology
Intel® USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
Jewel Match 3
Jewel Quest Mysteries: The Seventh Gate Collector's Edition
John Deere Drive Green
Junk Mail filter update
Letters from Nowhere 2
Luxor HD
Mah Jong Medley
Malwarebytes Anti-Malware version 1.75.0.1300
MBlaze UI
MegaFon Internet
Mesh Runtime
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
opensource
Pandora Service
Penguins!
Picasa 3
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
PX Profile Update
Ralink Motorola BC8 Bluetooth 3.0+HS Adapter
Ralink RT5390 802.11b/g/n WiFi Adapter
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
RollerCoaster Tycoon 3: Platinum
Skype Click to Call
Skype™ 6.0
swMSM
Synaptics Pointing Device Driver
The KMPlayer (remove only)
The Treasures of Mystery Island: The Ghost Ship
Torchlight
Uniblue DriverScanner
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life
Virus Effect Remover©
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.20 (64-bit)
WinRAR archiver
WMI Tools
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
27-05-2013 10:40:51, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.151.842.0   Update Source: Microsoft Update Server   Update Stage: Search   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 1.1.9506.0   Error code: 0x8024402c   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
27-05-2013 10:30:18, Error: Service Control Manager [7024]  - The Windows Firewall service terminated with service-specific error The data is invalid..
25-05-2013 19:59:59, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: Behavior Monitoring   Error Code: 0x80004005   Error description: Unspecified error    Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
25-05-2013 10:14:39, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: Behavior Monitoring   Error Code: 0x80004005   Error description: Unspecified error    Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
24-05-2013 23:54:19, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80240022   Error description: The program can't check for definition updates. 
24-05-2013 23:54:19, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80240022   Error description: The program can't check for definition updates. 
24-05-2013 23:35:21, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Update Server   Update Stage: Search   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x8024402c   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
24-05-2013 23:30:21, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:30:21, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:30:21, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:30:21, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:30:21, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:30:21, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:30:21, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:30:21, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:30:21, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:30:21, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:30:20, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Update Server   Update Stage: Search   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x8024402c   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
24-05-2013 23:29:17, Error: Microsoft Antimalware [2004]  - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.   Signatures Attempted: Backup   Error Code: 0x8050a004   Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.    Signature version: 1.149.1765.0;1.149.1765.0   Engine version: 1.1.9103.0
24-05-2013 23:26:53, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service Bluetooth Device Manager with arguments "" in order to run the server: {3428CA47-50B8-48C2-8839-48D3C4C59B23}
24-05-2013 23:26:22, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service Bluetooth Device Manager with arguments "" in order to run the server: {09D8A98C-9BEF-476E-9450-B8CF74EE8D61}
24-05-2013 23:26:11, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:26:11, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:26:11, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:26:11, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:26:11, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:26:11, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:26:11, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:26:11, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:26:11, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:26:11, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:26:10, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Update Server   Update Stage: Search   Source Path: Default URL   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x8007043c   Error description: This service cannot be started in Safe Mode 
24-05-2013 23:26:10, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
24-05-2013 23:25:34, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
24-05-2013 23:25:34, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
24-05-2013 23:25:32, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
24-05-2013 23:25:26, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
24-05-2013 23:25:26, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service Bluetooth Media Service with arguments "" in order to run the server: {9AC233E9-AC75-4DB5-85C4-DAB13A484FEA}
24-05-2013 23:25:13, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  discache MpFilter spldr Wanarpv6
24-05-2013 23:25:10, Error: Microsoft Antimalware [2004]  - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.   Signatures Attempted: Backup   Error Code: 0x8050a004   Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.    Signature version: 1.149.1765.0;1.149.1765.0   Engine version: 1.1.9103.0
24-05-2013 23:24:23, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
24-05-2013 23:22:03, Error: Service Control Manager [7034]  - The MBAMService service terminated unexpectedly.  It has done this 1 time(s).
24-05-2013 23:22:03, Error: Service Control Manager [7034]  - The MBAMScheduler service terminated unexpectedly.  It has done this 1 time(s).
24-05-2013 23:21:06, Error: Microsoft Antimalware [2004]  - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.   Signatures Attempted: Backup   Error Code: 0x8050a004   Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.    Signature version: 1.149.1765.0;1.149.1765.0   Engine version: 1.1.9103.0
24-05-2013 23:20:18, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.
24-05-2013 23:18:07, Error: Microsoft Antimalware [2004]  - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.   Signatures Attempted: Backup   Error Code: 0x8050a004   Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.    Signature version: 1.149.1765.0;1.149.1765.0   Engine version: 1.1.9103.0
24-05-2013 23:15:31, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Update Server   Update Stage: Search   Source Path: Default URL   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x8007043c   Error description: This service cannot be started in Safe Mode 
24-05-2013 23:10:31, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:10:31, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:10:31, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:10:31, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:10:31, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:10:31, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:10:31, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:10:31, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:10:31, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:10:31, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 23:10:30, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Update Server   Update Stage: Search   Source Path: Default URL   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x8007043c   Error description: This service cannot be started in Safe Mode 
24-05-2013 23:09:30, Error: Microsoft Antimalware [2004]  - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.   Signatures Attempted: Backup   Error Code: 0x8050a004   Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.    Signature version: 1.149.1765.0;1.149.1765.0   Engine version: 1.1.9103.0
24-05-2013 23:08:38, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x8024001e   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
24-05-2013 23:08:38, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x8024001e   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
24-05-2013 23:03:56, Error: Service Control Manager [7030]  - The UDisk Monitor service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
24-05-2013 23:02:47, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Update Server   Update Stage: Search   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x8024402c   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
24-05-2013 22:57:47, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 22:57:47, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 22:57:47, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 22:57:47, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 22:57:47, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 22:57:47, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 22:57:47, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 22:57:47, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 22:57:47, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 22:57:47, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 22:57:46, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 0.0.0.0   Update Source: Microsoft Update Server   Update Stage: Search   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 0.0.0.0   Error code: 0x8024402c   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
24-05-2013 22:56:42, Error: Microsoft Antimalware [2004]  - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.   Signatures Attempted: Backup   Error Code: 0x8050a004   Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.    Signature version: 1.149.1765.0;1.149.1765.0   Engine version: 1.1.9103.0
24-05-2013 22:56:35, Error: Microsoft Antimalware [2004]  - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.   Signatures Attempted: Current   Error Code: 0x80070002   Error description: The system cannot find the file specified.    Signature version: 0.0.0.0;0.0.0.0   Engine version: 0.0.0.0
24-05-2013 21:38:17, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: Behavior Monitoring   Error Code: 0x80004005   Error description: Unspecified error    Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
24-05-2013 21:28:02, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: Behavior Monitoring   Error Code: 0x80004005   Error description: Unspecified error    Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
24-05-2013 21:11:05, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x80240022   Error description: The program can't check for definition updates. 
24-05-2013 21:11:05, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x80240022   Error description: The program can't check for definition updates. 
24-05-2013 20:58:11, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
24-05-2013 20:57:31, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: Behavior Monitoring   Error Code: 0x80004005   Error description: Unspecified error    Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
24-05-2013 20:35:59, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Update Server   Update Stage: Search   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x8024402c   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
24-05-2013 20:35:59, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=2.1.8904.0&sig=17.36.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 20:35:59, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=2.1.8904.0&sig=17.36.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 20:35:59, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=2.1.8904.0&sig=17.36.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 20:35:59, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=2.1.8904.0&sig=17.36.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 20:35:59, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9402.0&avdelta=1.149.1765.0&asdelta=1.149.1765.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 20:35:59, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9402.0&avdelta=1.149.1765.0&asdelta=1.149.1765.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 20:35:59, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9402.0&avdelta=1.149.1765.0&asdelta=1.149.1765.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 20:35:59, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9402.0&avdelta=1.149.1765.0&asdelta=1.149.1765.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
24-05-2013 20:26:22, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: Behavior Monitoring   Error Code: 0x80004005   Error description: Unspecified error    Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
24-05-2013 20:17:43, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: Behavior Monitoring   Error Code: 0x80004005   Error description: Unspecified error    Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
24-05-2013 20:09:58, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
24-05-2013 20:09:50, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
24-05-2013 20:09:50, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
24-05-2013 20:09:50, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
24-05-2013 20:09:50, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
24-05-2013 20:09:50, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
24-05-2013 20:09:50, Error: Service Control Manager [7001]  - The Simple TCP/IP Services service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
24-05-2013 20:09:50, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
24-05-2013 20:09:50, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
24-05-2013 20:09:50, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
24-05-2013 20:09:50, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
24-05-2013 20:09:50, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
24-05-2013 20:05:30, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: Behavior Monitoring   Error Code: 0x80004005   Error description: Unspecified error    Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
24-05-2013 19:32:14, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: Behavior Monitoring   Error Code: 0x80004005   Error description: Unspecified error    Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
23-05-2013 22:09:50, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR1.
23-05-2013 21:50:44, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Update Server   Update Stage: Search   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x8024402c   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
23-05-2013 21:50:44, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=2.1.8904.0&sig=17.36.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
23-05-2013 21:50:44, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=2.1.8904.0&sig=17.36.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
23-05-2013 21:50:44, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=2.1.8904.0&sig=17.36.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
23-05-2013 21:50:44, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=2.1.8904.0&sig=17.36.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
23-05-2013 21:50:44, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9402.0&avdelta=1.149.1765.0&asdelta=1.149.1765.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
23-05-2013 21:50:44, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9402.0&avdelta=1.149.1765.0&asdelta=1.149.1765.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
23-05-2013 21:50:44, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9402.0&avdelta=1.149.1765.0&asdelta=1.149.1765.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
23-05-2013 21:50:44, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.149.1765.0   Update Source: Microsoft Malware Protection Center   Update Stage: Search   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9402.0&avdelta=1.149.1765.0&asdelta=1.149.1765.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:    Previous Engine Version: 1.1.9402.0   Error code: 0x80072ee7   Error description: The server name or address could not be resolved 
23-05-2013 21:41:08, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: Behavior Monitoring   Error Code: 0x80004005   Error description: Unspecified error    Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
.
==== End Of File ===========================
 
===========================COMBOFIX===========================
ComboFix 13-05-25.02 - HP 27-05-2013  12:20:50.1.4 - x64
Microsoft Windows 7 Home Basic   6.1.7601.1.1252.91.1033.18.3998.2701 [GMT 5.5:30]
Running from: c:\users\HP\Downloads\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Outdated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Outdated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\HP\AppData\Roaming\0a3
c:\users\HP\AppData\Roaming\0a3\1c.js
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_DCService.exe
.
.
(((((((((((((((((((((((((   Files Created from 2013-04-27 to 2013-05-27  )))))))))))))))))))))))))))))))
.
.
2013-05-27 07:06 . 2013-05-27 07:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-27 06:00 . 2013-05-13 20:18 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B79500E3-2655-4ECB-A678-166C74BE954A}\mpengine.dll
2013-05-27 05:36 . 2013-05-27 05:36 786200 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2013-05-25 11:25 . 2013-05-25 11:25 -------- d-----w- c:\users\HP\AppData\Roaming\funkitron
2013-05-25 10:35 . 2013-05-25 10:35 -------- d-----w- c:\users\HP\AppData\Roaming\iWing
2013-05-25 10:35 . 2013-05-25 10:35 -------- d-----w- c:\programdata\iWing
2013-05-24 18:56 . 2013-05-24 18:58 -------- d-----w- c:\program files (x86)\WMI Tools
2013-05-24 18:32 . 2012-10-23 00:34 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FF66FB4D-438A-421D-9E53-C9A804BCAEE2}\gapaengine.dll
2013-05-24 17:36 . 2013-05-24 17:36 4167680 ----a-w- c:\program files (x86)\GUT5976.tmp
2013-05-24 17:36 . 2013-05-24 17:36 -------- d-----w- c:\program files (x86)\GUM5975.tmp
2013-05-24 17:33 . 2009-12-11 08:02 120704 ----a-w- c:\windows\system32\drivers\CT_ZTEMT_U_USBSER.sys
2013-05-24 17:33 . 2013-05-24 17:33 -------- d-----w- c:\program files\MBlaze UI
2013-05-24 17:30 . 2013-05-24 17:54 48135 ----a-w- c:\users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4a684.js
2013-05-24 17:30 . 2013-05-24 17:54 48135 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\4a684.js
2013-05-24 17:14 . 2013-05-24 17:14 -------- d-----w- c:\users\HP\AppData\Roaming\PeerNetworking
2013-05-24 17:04 . 2013-05-24 17:04 -------- d-----w- c:\users\HP\AppData\Roaming\IDT
2013-05-24 15:44 . 2013-05-24 15:44 -------- d-----w- c:\users\HP\AppData\Roaming\Malwarebytes
2013-05-24 15:43 . 2013-05-24 15:43 -------- d-----w- c:\programdata\Malwarebytes
2013-05-24 15:43 . 2013-05-24 15:43 -------- d-----w- c:\users\HP\AppData\Local\Programs
2013-05-24 15:13 . 2013-05-24 15:13 -------- d-----w- c:\users\HP\AppData\Roaming\ZTEMTUI
2013-05-10 09:23 . 2013-05-25 10:33 -------- d-----w- c:\users\HP\AppData\Roaming\WildTangent
2013-05-09 11:05 . 2013-05-24 17:38 -------- d-----w- c:\program files (x86)\Virus Secure Lab
2013-05-09 10:30 . 2013-05-09 10:30 -------- d-----w- c:\users\HP\AppData\Roaming\QuickScan
2013-05-08 09:08 . 2013-05-15 13:32 -------- d-----w- c:\program files\Common Files\Bitdefender
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-27 05:36 . 2012-05-03 09:41 41984 ----a-w- c:\windows\system32\drivers\USB3Ver.dll
2013-05-15 13:12 . 2011-03-29 02:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-13 20:18 . 2012-10-02 06:56 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-05-02 15:29 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-18 15:29 . 2013-04-18 15:29 4126720 ----a-w- c:\program files (x86)\GUT2000.tmp
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\SysWow64\GPhotos.scr
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}"= "c:\program files (x86)\BitTorrentControl_v12\prxtbBitT.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\BitTorrentControl_v12\prxtbBitT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}"= "c:\program files (x86)\BitTorrentControl_v12\prxtbBitT.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HW_OPENEYE_OUC_MegaFon Internet"="c:\program files (x86)\MegaFon Internet\UpdateDog\ouc.exe" [2009-04-14 110592]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-04-26 3111744]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2012-09-23 1398680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2011-12-05 291096]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-01-18 343168]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2011-03-30 87336]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2011-11-30 576568]
"HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2011-08-26 1342008]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
4a684.js [2013-5-24 48135]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
4a684.js [2013-5-24 48135]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoFileUrl"= 0 (0x0)
"NoUpdateCheck"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\System32\Drivers\btmcom.sys [2011-02-23 52736]
R3 BTMHID;BTMHID;c:\windows\system32\drivers\btmhid.sys [2011-02-23 34176]
R3 BTMMODEM;Bluetooth Modem Device;c:\windows\system32\DRIVERS\btmcom.sys [2011-02-23 52736]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-03-20 114560]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2010-04-30 252928]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys [2011-12-05 355096]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys [2013-05-27 786200]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys [2011-09-21 258664]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys [2012-01-18 31360]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys [2011-12-05 16152]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-23 283200]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-01-18 235520]
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2011-03-18 1193040]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2011-05-05 783704]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-11-23 227896]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-11-30 34872]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2011-12-16 128280]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2011-12-07 577752]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-04-15 3289208]
S2 UDisk Monitor;UDisk Monitor;c:\program files\MBlaze UI\bin\MonServiceUDisk.exe [2009-12-11 403456]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2011-04-16 4180824]
S3 BTMNET;Motorola Bluetooth Network Adapter Service;c:\windows\system32\DRIVERS\btmnet.sys [2011-02-23 30208]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [2011-03-23 663936]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-05-03 1028096]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-05-22 83456]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2012-01-06 14652768]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2011-11-15 1813056]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-24 565352]
S3 ztemtusbser;ZTEMT Legacy Serial Communication;c:\windows\system32\DRIVERS\CT_ZTEMT_U_USBSER.sys [2009-12-11 120704]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-02-04 14:25]
.
2013-05-27 c:\windows\Tasks\DriverScanner.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2012-09-23 07:21]
.
2013-05-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3468079603-2670659421-1030566852-1000Core.job
- c:\users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-23 04:22]
.
2013-05-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3468079603-2670659421-1030566852-1000UA.job
- c:\users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-23 04:22]
.
2013-05-05 c:\windows\Tasks\HPCeeScheduleForHP-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 12:43]
.
2013-05-27 c:\windows\Tasks\HPCeeScheduleForHP.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 12:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-01-04 1425408]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-12-20 44880]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-06 440600]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-06 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-06 398104]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2011-04-22 25754968]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://indiasearcher.in/r.asp#
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
TCP: Interfaces\{1831D6A4-19D7-471A-964D-59EAD299B3C6}: NameServer = 10.228.129.113 10.228.129.114
TCP: Interfaces\{62D42567-5E78-4F95-AEBE-278ABC83B8FA}: NameServer = 202.148.200.3 202.148.202.4
TCP: Interfaces\{78475112-ED01-4B9A-B241-61D149F9A4FF}: NameServer = 202.148.200.3 202.148.202.4
FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\itjns02n.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - user.js: keyword.URL - hxxp://indiasearcher.in/r.asp#);user_pref(browser.startup.homepage, http://indiasearcher.in/r.asp#
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-DriverScanner - c:\program files (x86)\Uniblue\DriverScanner\launcher.exe
Wow6432Node-HKLM-Run-ROC_ROC_NT - c:\program files (x86)\AVG Secure Search\ROC_ROC_NT.exe
HKLM_Wow6432Node-ActiveSetup-{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec
WebBrowser-{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Virus Effect Remover - Version 3.2.2.26_20100312_is1 - c:\program files (x86)\Virus Secure Lab\Virus Effect Remover\unins000.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\DAEMON Tools Pro\DTShellHlp.exe
c:\users\HP\AppData\Roaming\MegaFon Internet\ouc.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files\Motorola\Bluetooth\btplayerctrl.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2013-05-27  12:54:36 - machine was rebooted
ComboFix-quarantined-files.txt  2013-05-27 07:24
.
Pre-Run: 172,464,177,152 bytes free
Post-Run: 180,446,830,592 bytes free
.
- - End Of File - - CC8FF36AB09D06CA47850BC3E49E4B56
 

 

 

 




 


#2 rajuvishnu52


Posted 27 May 2013 - 12:39 PM

Please help me :-(



#3 nasdaq

nasdaq

  • Malware Response Team
  • 39,559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:57 AM

Posted 29 May 2013 - 10:03 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps.
===

--RogueKiller--
  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then click on the "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Delete tab and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).
===

Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Please paste the logs in your next reply, DO NOT ATTACH THEM
Let me know what problem persists.


#4 rajuvishnu52


Posted 03 June 2013 - 01:31 AM

Hi Nasdaq,

Thanks a lot. I am sorry for the delay. My body was also infected by some virus and hence I am hospitalised. As soon as I get access to my lap I will do as you said.

 

Regards,

vishnu.



#5 nasdaq


Posted 03 June 2013 - 07:42 AM

No problems, good luck.

#6 rajuvishnu52


Posted 04 June 2013 - 11:37 PM

Hi Nasdaq,

Thank you for your patience. I have done all the steps that you have told. System is running fine (I think).

 

The logs are :-

 

RK Reports

 

RK[1]

 

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : HP [Admin rights]
Mode : Scan -- Date : 06/05/2013 09:39:29
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] ouc.exe -- C:\Users\HP\AppData\Roaming\MegaFon Internet\ouc.exe [-] -> KILLED [TermProc]
 
¤¤¤ Registry Entries : 15 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{62D42567-5E78-4F95-AEBE-278ABC83B8FA} : NameServer (202.148.200.3 202.148.202.4) -> FOUND
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{78475112-ED01-4B9A-B241-61D149F9A4FF} : NameServer (202.148.200.3 202.148.202.4) -> FOUND
[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{62D42567-5E78-4F95-AEBE-278ABC83B8FA} : NameServer (202.148.200.3 202.148.202.4) -> FOUND
[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{78475112-ED01-4B9A-B241-61D149F9A4FF} : NameServer (202.148.200.3 202.148.202.4) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED] ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
 
127.0.0.1       localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: Hitachi HTS547550A9E384 +++++
--- User ---
[MBR] a4f587a76f7abcbeed5d285bad78431d
[BSP] 4b25b45f05850fa78eeacc55fe31b24f : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 228229 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 467822592 | Size: 227103 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 932929536 | Size: 21304 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] d939f25995c19999d57ac876a5611a9c
[BSP] 4b25b45f05850fa78eeacc55fe31b24f : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 455332 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 932929536 | Size: 21304 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 Mo
 
Finished : << RKreport[1]_S_06052013_02d0939.txt >>
RKreport[1]_S_06052013_02d0939.txt
 
 
 

RK[2]

 

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : HP [Admin rights]
Mode : Remove -- Date : 06/05/2013 09:41:16
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] ouc.exe -- C:\Users\HP\AppData\Roaming\MegaFon Internet\ouc.exe [-] -> KILLED [TermProc]
 
¤¤¤ Registry Entries : 12 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{62D42567-5E78-4F95-AEBE-278ABC83B8FA} : NameServer (202.148.200.3 202.148.202.4) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{78475112-ED01-4B9A-B241-61D149F9A4FF} : NameServer (202.148.200.3 202.148.202.4) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{62D42567-5E78-4F95-AEBE-278ABC83B8FA} : NameServer (202.148.200.3 202.148.202.4) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{78475112-ED01-4B9A-B241-61D149F9A4FF} : NameServer (202.148.200.3 202.148.202.4) -> NOT REMOVED, USE DNSFIX
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> REPLACED (1)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED] ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
 
127.0.0.1       localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: Hitachi HTS547550A9E384 +++++
--- User ---
[MBR] a4f587a76f7abcbeed5d285bad78431d
[BSP] 4b25b45f05850fa78eeacc55fe31b24f : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 228229 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 467822592 | Size: 227103 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 932929536 | Size: 21304 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] d939f25995c19999d57ac876a5611a9c
[BSP] 4b25b45f05850fa78eeacc55fe31b24f : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 455332 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 932929536 | Size: 21304 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 Mo
 
Finished : << RKreport[2]_D_06052013_02d0941.txt >>
RKreport[1]_S_06052013_02d0939.txt ; RKreport[2]_D_06052013_02d0941.txt
 
 
 

 

AWD

 

# AdwCleaner v2.301 - Logfile created 06/05/2013 at 09:44:44

# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Home Basic Service Pack 1 (64 bits)
# User : HP - HP-HP
# Boot Mode : Normal
# Running from : C:\Users\HP\Downloads\Desktop\adwcleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Users\HP\AppData\Local\Conduit
Folder Deleted : C:\Users\HP\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\itjns02n.default\CT3225826
Folder Deleted : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\itjns02n.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
Folder Deleted : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\itjns02n.default\Smartbar
Folder Deleted : C:\Users\HP\AppData\Roaming\OpenCandy
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3225826
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16450
 
[OK] Registry is clean.
 
-\\ Mozilla Firefox v14.0.1 (en-US)
 
File : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\itjns02n.default\prefs.js
 
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\itjns02n.default\user.js ... Deleted !
 
Deleted : user_pref("CT3225826.BT_Stats", "{\"last_log\":1365135756,\"uuid\":432417119127522,\"seq_id\":2,\"ss[...]
Deleted : user_pref("CT3225826.CBOpenMAMSettings", "0");
Deleted : user_pref("CT3225826.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3225826.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3225826.FirstTime", "true");
Deleted : user_pref("CT3225826.FirstTimeFF3", "true");
Deleted : user_pref("CT3225826.UserID", "UN45320292556813213");
Deleted : user_pref("CT3225826.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3225826.autoDisableScopes", -1);
Deleted : user_pref("CT3225826.cbcountry_001", "IN");
Deleted : user_pref("CT3225826.cbfirsttime", "Sun Dec 30 2012 04:03:30 GMT+0530 (India Standard Time)");
Deleted : user_pref("CT3225826.defaultSearch", "FALSE");
Deleted : user_pref("CT3225826.embeddedsData", "[{\"appId\":\"129830626805552092\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT3225826.enableAlerts", "always");
Deleted : user_pref("CT3225826.enableSearchFromAddressBar", "FALSE");
Deleted : user_pref("CT3225826.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3225826.fixPageNotFoundError", "true");
Deleted : user_pref("CT3225826.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3225826.fixUrls", true);
Deleted : user_pref("CT3225826.installId", "fft7BC5.tmp.exe");
Deleted : user_pref("CT3225826.installType", "XPE");
Deleted : user_pref("CT3225826.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3225826.isNewTabEnabled", true);
Deleted : user_pref("CT3225826.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT3225826.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3225826.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT3225826.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"about%3Ahome\",\"EB_MAIN_FRAM[...]
Deleted : user_pref("CT3225826.openThankYouPage", "true");
Deleted : user_pref("CT3225826.openUninstallPage", "FALSE");
Deleted : user_pref("CT3225826.search.searchAppId", "129830626805552092");
Deleted : user_pref("CT3225826.search.searchCount", "0");
Deleted : user_pref("CT3225826.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3225826.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3225826.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3225826.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3225826.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1356820405391");
Deleted : user_pref("CT3225826.serviceLayer_services_appsMetadata_lastUpdate", "1356820406411");
Deleted : user_pref("CT3225826.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1356820407374");
Deleted : user_pref("CT3225826.serviceLayer_services_login_10.10.27.6_lastUpdate", "1356820415883");
Deleted : user_pref("CT3225826.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1356820407305");
Deleted : user_pref("CT3225826.serviceLayer_services_searchAPI_lastUpdate", "1356820403695");
Deleted : user_pref("CT3225826.serviceLayer_services_serviceMap_lastUpdate", "1356820400586");
Deleted : user_pref("CT3225826.serviceLayer_services_toolbarContextMenu_lastUpdate", "1356820407403");
Deleted : user_pref("CT3225826.serviceLayer_services_toolbarSettings_lastUpdate", "1356820402613");
Deleted : user_pref("CT3225826.serviceLayer_services_translation_lastUpdate", "1356820410541");
Deleted : user_pref("CT3225826.settingsINI", true);
Deleted : user_pref("CT3225826.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT3225826.smartbar.CTID", "CT3225826");
Deleted : user_pref("CT3225826.smartbar.Uninstall", "0");
Deleted : user_pref("CT3225826.smartbar.toolbarName", "BitTorrentControl_v12 ");
Deleted : user_pref("CT3225826.toolbarBornServerTime", "30-12-2012");
Deleted : user_pref("CT3225826.toolbarCurrentServerTime", "30-12-2012");
Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
 
-\\ Google Chrome v27.0.1453.94
 
File : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[S1].txt - [7492 octets] - [05/06/2013 09:44:44]
 
########## EOF - C:\AdwCleaner[S1].txt - [7552 octets] ##########
 
JRT
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Basic x64
Ran by HP on 05-06-2013 at  9:50:49.79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{595960A9-5868-4A8F-86A0-C8447681D823}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} 
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05-06-2013 at  9:56:00.07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 



#7 nasdaq

nasdaq

  • Malware Response Team
  • 39,559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:57 AM

Posted 05 June 2013 - 08:54 AM


Read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Click Change parameters
  • Check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
  • Click on the Start Scan button to begin the scan and wait for it to finish.
    NOTE: Do not use the computer during the scan!
  • During the scan it will look similar to the image below:
  • When it finishes, you will either see a report that no threats were found like below:
    If no threats are found at this point, just click the Report selection on the top right of the form to generate a log. A log file report will pop up, which you can just close since the report file is already saved.
  • If any infection or suspected items are found, you will see a window similar to below:
    • If you have files that are shown to fail signature check do not take any action on these. Make sure you select Skip. I will tell you what to do with these later. They may not be issues at all.
    • If Suspicious objects are detected, the default action will be Skip. Leave the default set to Skip.
    • If Malicious objects are detected, they will show in the Scan results. TDSSKiller automatically selects an action (Cure or Delete) for malicious objects
    • Make sure that Cure is selected. Important! - If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed to do so.
  • Click Continue to apply selected actions.
  • A reboot may be required to complete disinfection. A window like the below will appear:
    Reboot immediately if TDSSKiller states that one is needed.
  • Whether an infection is found or not, a log file should have already been created on your C: drive (or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run.
  • Paste the log to your next reply, DO NOT ATTACH IT.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

#8 rajuvishnu52


Posted 05 June 2013 - 01:08 PM

Hi Nasdaq,

I can't find the logs... I think it's not generated... So I will describe the threats:

1. Unsigned File
Service: FLEXnet Licensing service

2. Unsigned File
Service: FLEXnet Licensing service 64

3. Unsigned File
Service: UDisk Monitor

These are of minimum risk and the action is "SKIP".



#9 rajuvishnu52


Posted 05 June 2013 - 01:12 PM

 
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-06-05 23:40:21
-----------------------------
23:40:21.345    OS Version: Windows x64 6.1.7601 Service Pack 1
23:40:21.346    Number of processors: 4 586 0x3A09
23:40:21.347    ComputerName: HP-HP  UserName: HP
23:40:22.236    Initialize success
23:40:43.438    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:40:43.441    Disk 0 Vendor: Hitachi_ JE3O Size: 476940MB BusType: 3
23:40:43.555    Disk 0 MBR read successfully
23:40:43.558    Disk 0 MBR scan
23:40:43.562    Disk 0 Windows 7 default MBR code
23:40:43.566    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          199 MB offset 2048
23:40:43.573    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       228229 MB offset 409600
23:40:43.577    Disk 0 Partition - 00     0F Extended LBA            227103 MB offset 467822592
23:40:43.605    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        21304 MB offset 932929536
23:40:43.648    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS       227102 MB offset 467824640
23:40:43.770    Disk 0 scanning C:\Windows\system32\drivers
23:40:51.249    Service scanning
23:41:14.998    Modules scanning
23:41:15.010    Disk 0 trace - called modules:
23:41:15.033    ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll 
23:41:15.040    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800650e790]
23:41:15.048    3 CLASSPNP.SYS[fffff88001c8d43f] -> nt!IofCallDriver -> [0xfffffa8005205b10]
23:41:15.055    5 hpdskflt.sys[fffff8800161d189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006512050]
23:41:15.062    Scan finished successfully
23:41:42.711    Disk 0 MBR has been saved successfully to "C:\Users\HP\Downloads\Desktop\MBR.dat"
23:41:42.719    The log file has been saved successfully to "C:\Users\HP\Downloads\Desktop\aswMBR.txt"


#10 rajuvishnu52


Posted 05 June 2013 - 10:13 PM

I have attached the mbr.dat file

Attached Files

  • Attached File  MBR.zip   615bytes   0 downloads

Edited by rajuvishnu52, 05 June 2013 - 10:36 PM.


#11 nasdaq


Posted 06 June 2013 - 07:25 AM

Look for this type of file on your computer TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt

In your computer search box, type TDSSKiller*.txt. If the file was created, you will see the title in the pane.
Open the file with Notepad and post the results.

Overall, how is the computer performing?

#12 rajuvishnu52


Posted 06 June 2013 - 10:37 AM

Hi,

I have found it.

 

20:58:39.0569 4580  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:58:39.0585 4580  ============================================================
20:58:39.0585 4580  Current date / time: 2013/05/24 20:58:39.0585
20:58:39.0585 4580  SystemInfo:
20:58:39.0585 4580  
20:58:39.0585 4580  OS Version: 6.1.7601 ServicePack: 1.0
20:58:39.0585 4580  Product type: Workstation
20:58:39.0585 4580  ComputerName: HP-HP
20:58:39.0586 4580  UserName: HP
20:58:39.0586 4580  Windows directory: C:\Windows
20:58:39.0586 4580  System windows directory: C:\Windows
20:58:39.0586 4580  Running under WOW64
20:58:39.0586 4580  Processor architecture: Intel x64
20:58:39.0586 4580  Number of processors: 4
20:58:39.0586 4580  Page size: 0x1000
20:58:39.0586 4580  Boot type: Normal boot
20:58:39.0586 4580  ============================================================
20:58:40.0788 4580  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:58:40.0807 4580  ============================================================
20:58:40.0807 4580  \Device\Harddisk0\DR0:
20:58:40.0807 4580  MBR partitions:
20:58:40.0807 4580  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
20:58:40.0807 4580  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x1BDC2800
20:58:40.0828 4580  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1BE27000, BlocksNum 0x1BB8F000
20:58:40.0828 4580  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x379B6000, BlocksNum 0x299C000
20:58:40.0828 4580  ============================================================
20:58:40.0860 4580  C: <-> \Device\Harddisk0\DR0\Partition2
20:58:40.0897 4580  D: <-> \Device\Harddisk0\DR0\Partition4
20:58:40.0945 4580  F: <-> \Device\Harddisk0\DR0\Partition3
20:58:40.0945 4580  ============================================================
20:58:40.0945 4580  Initialize success
20:58:40.0945 4580  ============================================================
20:58:41.0793 4652  ============================================================
20:58:41.0793 4652  Scan started
20:58:41.0793 4652  Mode: Manual; 
20:58:41.0793 4652  ============================================================
20:58:42.0448 4652  ================ Scan system memory ========================
20:58:42.0448 4652  System memory - ok
20:58:42.0449 4652  ================ Scan services =============================
20:58:54.0883 4652  ewusbnet - ok
20:58:54.0951 4652  [ E2CBB821C7CAE0EF8B56DE28ED85C740 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
20:58:54.0952 4652  ew_hwusbdev - ok
20:58:55.0022 4652  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
20:58:55.0023 4652  exfat - ok
20:58:55.0079 4652  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:58:55.0081 4652  fastfat - ok
20:58:55.0184 4652  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
20:58:55.0191 4652  Fax - ok
20:58:55.0210 4652  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
20:58:55.0211 4652  fdc - ok
20:58:55.0269 4652  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
20:58:55.0270 4652  fdPHost - ok
20:58:55.0324 4652  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:58:55.0325 4652  FDResPub - ok
20:58:55.0366 4652  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:58:55.0367 4652  FileInfo - ok
20:58:55.0404 4652  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:58:55.0404 4652  Filetrace - ok
20:58:55.0512 4652  [ 3D9B36631032FDE0FFEA0DC0260E4E35 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:58:55.0519 4652  FLEXnet Licensing Service - ok
20:58:55.0673 4652  [ 52C0312AB35EB7187015FB6A99136BB5 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
20:58:55.0683 4652  FLEXnet Licensing Service 64 - ok
20:58:55.0714 4652  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
20:58:55.0715 4652  flpydisk - ok
20:58:55.0893 4652  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:58:55.0896 4652  FltMgr - ok
20:58:56.0332 4652  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
20:58:56.0342 4652  FontCache - ok
20:58:56.0442 4652  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:58:56.0443 4652  FontCache3.0.0.0 - ok
20:58:56.0501 4652  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:58:56.0502 4652  FsDepends - ok
20:58:56.0555 4652  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:58:56.0555 4652  Fs_Rec - ok
20:58:56.0662 4652  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:58:56.0664 4652  fvevol - ok
20:58:56.0769 4652  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:58:56.0771 4652  gagp30kx - ok
20:58:57.0056 4652  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
20:58:57.0059 4652  GamesAppService - ok
20:58:57.0228 4652  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
20:58:57.0252 4652  gpsvc - ok
20:58:57.0408 4652  [ C1B577B2169900F4CF7190C39F085794 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:58:57.0410 4652  gusvc - ok
20:58:57.0443 4652  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:58:57.0444 4652  hcw85cir - ok
20:58:57.0533 4652  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:58:57.0537 4652  HdAudAddService - ok
20:58:57.0605 4652  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
20:58:57.0606 4652  HDAudBus - ok
20:58:57.0712 4652  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
20:58:57.0713 4652  HidBatt - ok
20:58:57.0734 4652  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:58:57.0735 4652  HidBth - ok
20:58:57.0796 4652  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:58:57.0797 4652  HidIr - ok
20:58:57.0919 4652  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
20:58:57.0921 4652  hidserv - ok
20:58:58.0053 4652  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:58:58.0054 4652  HidUsb - ok
20:58:58.0142 4652  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:58:58.0145 4652  hkmsvc - ok
20:58:58.0198 4652  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:58:58.0202 4652  HomeGroupListener - ok
20:58:58.0272 4652  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:58:58.0275 4652  HomeGroupProvider - ok
20:58:58.0442 4652  [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
20:58:58.0443 4652  HP Support Assistant Service - ok
20:58:58.0544 4652  [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
20:58:58.0547 4652  HPClientSvc - ok
20:58:58.0737 4652  [ 3D85344F1B6A74B5EB1D97BB8DAEE224 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
20:58:58.0739 4652  HPDrvMntSvc.exe - ok
20:58:58.0813 4652  [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt        C:\Windows\system32\drivers\hpdskflt.sys
20:58:58.0814 4652  hpdskflt - ok
20:58:59.0013 4652  [ 7BBD5B17B77CE24BAB3ADF54991ABB36 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
20:58:59.0021 4652  hpqwmiex - ok
20:58:59.0146 4652  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:58:59.0147 4652  HpSAMD - ok
20:58:59.0193 4652  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv           C:\Windows\system32\Hpservice.exe
20:58:59.0194 4652  hpsrv - ok
20:58:59.0351 4652  [ 77C15D7E8F002A173EEBFF0B20CD697D ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
20:58:59.0352 4652  HPWMISVC - ok
20:58:59.0474 4652  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:58:59.0481 4652  HTTP - ok
20:58:59.0527 4652  [ 6DBD08BC1331C78548298E82C4B667C5 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
20:58:59.0528 4652  huawei_enumerator - ok
20:58:59.0634 4652  [ 6E5CD3984742A922D0C183C7E82C3C94 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
20:58:59.0635 4652  hwdatacard - ok
20:58:59.0645 4652  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:58:59.0646 4652  hwpolicy - ok
20:58:59.0856 4652  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
20:58:59.0858 4652  i8042prt - ok
20:58:59.0926 4652  [ C224331A54571C8C9162F7714400BBBD ] iaStor          C:\Windows\system32\drivers\iaStor.sys
20:58:59.0932 4652  iaStor - ok
20:59:00.0135 4652  [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
20:59:00.0136 4652  IAStorDataMgrSvc - ok
20:59:00.0269 4652  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:59:00.0273 4652  iaStorV - ok
20:59:00.0542 4652  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:59:00.0550 4652  idsvc - ok
20:59:00.0623 4652  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:59:00.0624 4652  iirsp - ok
20:59:00.0806 4652  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
20:59:00.0815 4652  IKEEXT - ok
20:59:00.0966 4652  [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
20:59:00.0969 4652  IntcDAud - ok
20:59:01.0127 4652  [ 2D66067C7A8A0112156BCD1C0BAA7042 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
20:59:01.0133 4652  Intel® Capability Licensing Service Interface - ok
20:59:01.0261 4652  [ C9DCE1CB628AEED3C0C30ABBF4F1E718 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
20:59:01.0263 4652  Intel® ME Service - ok
20:59:01.0335 4652  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
20:59:01.0336 4652  intelide - ok
20:59:03.0482 4652  [ 54E37A4E66B2CA1C38E9728FAD5F9822 ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd64.sys
20:59:03.0614 4652  intelkmd - ok
20:59:03.0658 4652  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
20:59:03.0659 4652  intelppm - ok
20:59:03.0734 4652  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:59:03.0736 4652  IPBusEnum - ok
20:59:03.0795 4652  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:59:03.0796 4652  IpFilterDriver - ok
20:59:03.0945 4652  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:59:03.0951 4652  iphlpsvc - ok
20:59:03.0992 4652  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:59:03.0993 4652  IPMIDRV - ok
20:59:04.0053 4652  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:59:04.0055 4652  IPNAT - ok
20:59:04.0098 4652  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:59:04.0099 4652  IRENUM - ok
20:59:04.0137 4652  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:59:04.0138 4652  isapnp - ok
20:59:04.0192 4652  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:59:04.0195 4652  iScsiPrt - ok
20:59:04.0219 4652  [ DC0DBA5164F657DE2AE94B9D1FF75DA4 ] iusb3hcs        C:\Windows\system32\drivers\iusb3hcs.sys
20:59:04.0220 4652  iusb3hcs - ok
20:59:04.0255 4652  [ BA4F3A70F03584E5B907DA815677727D ] iusb3hub        C:\Windows\system32\drivers\iusb3hub.sys
20:59:04.0259 4652  iusb3hub - ok
20:59:04.0296 4652  [ E6130F70D61867C7EFC13A2F808EDC58 ] iusb3xhc        C:\Windows\system32\drivers\iusb3xhc.sys
20:59:04.0304 4652  iusb3xhc - ok
20:59:04.0385 4652  [ 3628933AF5305EAB8173949BFF912F04 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
20:59:04.0387 4652  jhi_service - ok
20:59:04.0402 4652  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
20:59:04.0403 4652  kbdclass - ok
20:59:04.0439 4652  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
20:59:04.0440 4652  kbdhid - ok
20:59:04.0459 4652  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
20:59:04.0460 4652  KeyIso - ok
20:59:04.0493 4652  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:59:04.0494 4652  KSecDD - ok
20:59:04.0513 4652  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:59:04.0515 4652  KSecPkg - ok
20:59:04.0547 4652  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:59:04.0548 4652  ksthunk - ok
20:59:04.0592 4652  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:59:04.0597 4652  KtmRm - ok
20:59:04.0678 4652  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:59:04.0682 4652  LanmanServer - ok
20:59:04.0728 4652  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:59:04.0731 4652  LanmanWorkstation - ok
20:59:04.0785 4652  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:59:04.0787 4652  lltdio - ok
20:59:04.0824 4652  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:59:04.0828 4652  lltdsvc - ok
20:59:04.0848 4652  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:59:04.0850 4652  lmhosts - ok
20:59:04.0910 4652  [ BF22ACF4CF3734D61357E67F0521BC03 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:59:04.0913 4652  LMS - ok
20:59:04.0954 4652  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:59:04.0955 4652  LSI_FC - ok
20:59:04.0996 4652  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:59:04.0998 4652  LSI_SAS - ok
20:59:05.0020 4652  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
20:59:05.0021 4652  LSI_SAS2 - ok
20:59:05.0064 4652  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:59:05.0065 4652  LSI_SCSI - ok
20:59:05.0117 4652  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
20:59:05.0118 4652  luafv - ok
20:59:05.0153 4652  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:59:05.0154 4652  megasas - ok
20:59:05.0176 4652  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
20:59:05.0179 4652  MegaSR - ok
20:59:05.0236 4652  [ 6B01B7414A105B9E51652089A03027CF ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
20:59:05.0237 4652  MEIx64 - ok
20:59:05.0319 4652  [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
20:59:05.0325 4652  Microsoft Office Groove Audit Service - ok
20:59:05.0376 4652  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
20:59:05.0378 4652  MMCSS - ok
20:59:05.0424 4652  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
20:59:05.0425 4652  Modem - ok
20:59:05.0450 4652  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:59:05.0451 4652  monitor - ok
20:59:05.0509 4652  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:59:05.0510 4652  mouclass - ok
20:59:05.0552 4652  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:59:05.0553 4652  mouhid - ok
20:59:05.0580 4652  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:59:05.0581 4652  mountmgr - ok
20:59:05.0634 4652  [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:59:05.0636 4652  MozillaMaintenance - ok
20:59:05.0709 4652  [ C177A7EBF5E8A0B596F618870516CAB8 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
20:59:05.0711 4652  MpFilter - ok
20:59:05.0764 4652  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:59:05.0766 4652  mpio - ok
20:59:05.0807 4652  [ 8FBF6B31FE8AF1833D93C5913D5B4D55 ] MpNWMon         C:\Windows\system32\DRIVERS\MpNWMon.sys
20:59:05.0808 4652  MpNWMon - ok
20:59:05.0846 4652  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:59:05.0847 4652  mpsdrv - ok
20:59:05.0892 4652  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:59:05.0901 4652  MpsSvc - ok
20:59:05.0951 4652  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:59:05.0953 4652  MRxDAV - ok
20:59:05.0998 4652  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:59:06.0000 4652  mrxsmb - ok
20:59:06.0040 4652  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:59:06.0044 4652  mrxsmb10 - ok
20:59:06.0065 4652  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:59:06.0066 4652  mrxsmb20 - ok
20:59:06.0111 4652  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:59:06.0112 4652  msahci - ok
20:59:06.0154 4652  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:59:06.0156 4652  msdsm - ok
20:59:06.0208 4652  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
20:59:06.0211 4652  MSDTC - ok
20:59:06.0251 4652  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:59:06.0252 4652  Msfs - ok
20:59:06.0295 4652  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:59:06.0295 4652  mshidkmdf - ok
20:59:06.0348 4652  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:59:06.0349 4652  msisadrv - ok
20:59:06.0416 4652  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:59:06.0418 4652  MSiSCSI - ok
20:59:06.0423 4652  msiserver - ok
20:59:06.0457 4652  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:59:06.0458 4652  MSKSSRV - ok
20:59:06.0571 4652  [ 157E9E498206A3366BAA7E4697BDD947 ] MsMpSvc         C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
20:59:06.0572 4652  MsMpSvc - ok
20:59:06.0657 4652  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:59:06.0658 4652  MSPCLOCK - ok
20:59:06.0675 4652  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:59:06.0676 4652  MSPQM - ok
20:59:06.0747 4652  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:59:06.0751 4652  MsRPC - ok
20:59:06.0791 4652  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:59:06.0792 4652  mssmbios - ok
20:59:06.0842 4652  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:59:06.0843 4652  MSTEE - ok
20:59:06.0864 4652  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
20:59:06.0865 4652  MTConfig - ok
20:59:06.0889 4652  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:59:06.0890 4652  Mup - ok
20:59:07.0061 4652  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
20:59:07.0067 4652  napagent - ok
20:59:07.0305 4652  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:59:07.0308 4652  NativeWifiP - ok
20:59:07.0468 4652  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:59:07.0478 4652  NDIS - ok
20:59:07.0508 4652  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:59:07.0509 4652  NdisCap - ok
20:59:07.0546 4652  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:59:07.0547 4652  NdisTapi - ok
20:59:07.0566 4652  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:59:07.0567 4652  Ndisuio - ok
20:59:07.0585 4652  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:59:07.0587 4652  NdisWan - ok
20:59:07.0620 4652  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:59:07.0621 4652  NDProxy - ok
20:59:07.0682 4652  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:59:07.0683 4652  NetBIOS - ok
20:59:07.0709 4652  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:59:07.0712 4652  NetBT - ok
20:59:07.0747 4652  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
20:59:07.0749 4652  Netlogon - ok
20:59:07.0792 4652  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
20:59:07.0797 4652  Netman - ok
20:59:07.0821 4652  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
20:59:07.0827 4652  netprofm - ok
20:59:07.0902 4652  [ 2F06E01DE7A3E366185E65C41C9DEBF7 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
20:59:07.0917 4652  netr28x - ok
20:59:07.0947 4652  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:59:07.0948 4652  NetTcpPortSharing - ok
20:59:07.0998 4652  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:59:07.0999 4652  nfrd960 - ok
20:59:08.0056 4652  [ 5F7D72CBCDD025AF1F38FDEEE5646968 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:59:08.0057 4652  NisDrv - ok
20:59:08.0079 4652  [ 566DDD5D82520DA01D75F81428AC4C38 ] NisSrv          C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
20:59:08.0082 4652  NisSrv - ok
20:59:08.0137 4652  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:59:08.0142 4652  NlaSvc - ok
20:59:08.0166 4652  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:59:08.0167 4652  Npfs - ok
20:59:08.0198 4652  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
20:59:08.0200 4652  nsi - ok
20:59:08.0211 4652  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:59:08.0212 4652  nsiproxy - ok
20:59:08.0299 4652  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:59:08.0315 4652  Ntfs - ok
20:59:08.0341 4652  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
20:59:08.0341 4652  Null - ok
20:59:08.0398 4652  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
20:59:08.0402 4652  NVENETFD - ok
20:59:08.0438 4652  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:59:08.0440 4652  nvraid - ok
20:59:08.0489 4652  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:59:08.0491 4652  nvstor - ok
20:59:08.0525 4652  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:59:08.0527 4652  nv_agp - ok
20:59:08.0610 4652  [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:59:08.0615 4652  odserv - ok
20:59:08.0644 4652  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:59:08.0645 4652  ohci1394 - ok
20:59:08.0691 4652  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:59:08.0693 4652  ose - ok
20:59:08.0744 4652  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:59:08.0748 4652  p2pimsvc - ok
20:59:08.0775 4652  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:59:08.0781 4652  p2psvc - ok
20:59:08.0831 4652  [ 1C07918D011BB2A52414575F0423EC01 ] PanService      C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
20:59:08.0837 4652  PanService - ok
20:59:08.0866 4652  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
20:59:08.0869 4652  Parport - ok
20:59:08.0900 4652  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:59:08.0902 4652  partmgr - ok
20:59:08.0989 4652  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:59:08.0992 4652  PcaSvc - ok
20:59:09.0048 4652  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
20:59:09.0051 4652  pci - ok
20:59:09.0122 4652  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
20:59:09.0122 4652  pciide - ok
20:59:09.0154 4652  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:59:09.0156 4652  pcmcia - ok
20:59:09.0233 4652  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:59:09.0234 4652  pcw - ok
20:59:09.0291 4652  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:59:09.0298 4652  PEAUTH - ok
20:59:09.0710 4652  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:59:09.0711 4652  PerfHost - ok
20:59:09.0787 4652  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
20:59:09.0801 4652  pla - ok
20:59:09.0877 4652  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:59:09.0882 4652  PlugPlay - ok
20:59:09.0969 4652  PnkBstrA - ok
20:59:10.0049 4652  PnkBstrB - ok
20:59:10.0095 4652  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:59:10.0097 4652  PNRPAutoReg - ok
20:59:10.0132 4652  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:59:10.0137 4652  PNRPsvc - ok
20:59:10.0191 4652  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:59:10.0197 4652  PolicyAgent - ok
20:59:10.0229 4652  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
20:59:10.0233 4652  Power - ok
20:59:10.0289 4652  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:59:10.0290 4652  PptpMiniport - ok
20:59:10.0326 4652  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
20:59:10.0327 4652  Processor - ok
20:59:10.0378 4652  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:59:10.0381 4652  ProfSvc - ok
20:59:10.0414 4652  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:59:10.0416 4652  ProtectedStorage - ok
20:59:10.0468 4652  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:59:10.0470 4652  Psched - ok
20:59:10.0537 4652  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:59:10.0551 4652  ql2300 - ok
20:59:10.0608 4652  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:59:10.0610 4652  ql40xx - ok
20:59:10.0639 4652  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
20:59:10.0643 4652  QWAVE - ok
20:59:10.0676 4652  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:59:10.0678 4652  QWAVEdrv - ok
20:59:10.0699 4652  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:59:10.0700 4652  RasAcd - ok
20:59:10.0748 4652  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:59:10.0749 4652  RasAgileVpn - ok
20:59:10.0790 4652  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
20:59:10.0794 4652  RasAuto - ok
20:59:27.0199 4652  ============================================================
20:59:27.0199 4652  Scan finished
20:59:27.0199 4652  ============================================================
20:59:27.0216 4664  Detected object count: 0
20:59:27.0216 4664  Actual detected object count: 0
20:59:41.0368 4596  Deinitialize success


#13 nasdaq

  • Malware Response Team

Posted 06 June 2013 - 12:27 PM

Looking good.

Any issues pending?

#14 rajuvishnu52

  • Topic Starter

Posted 06 June 2013 - 12:35 PM

Looks like the system is working just fine... Thanks a lot for your help... Can I uninstall all those I have installed, e.g. combofix, jrt, adwcleaner...?



#15 rajuvishnu52

  • Topic Starter

Posted 06 June 2013 - 12:53 PM

Can't turn on the MS Essentials.





